Dirty Butter Posted September 26, 2019 Share Posted September 26, 2019 Based on the whole layout of the information, I assumed a recent unpaid order was not legitimate and cancelled it. I then disabled the customer, but did not delete it. Today, the same person ordered and paid with PayPal for what appears to be a legitimate order. I was surprised - I thought un-checking the Status entry on the Customers list would keep the customer from being able to login. They did change the delivery address for the order to a USA address. But the default delivery address is still to a country we do not do business with. We have refused orders from re-shippers before trying to send toys to Korea. South Korean businesses have a reputation for buying a toy, copying it, and selling in online stores as the genuine article. Our post master advised against sending toys to them. Should the unchecked customer have been able to login again or is this a bug? Link to comment Share on other sites More sharing options...
havenswift-hosting Posted September 26, 2019 Share Posted September 26, 2019 Disabling the customer will stop them from logging in again but a possible explanation for this is that the customer never logged out and so still had an active session and so did not actually need to login again. There is a good argument that disabling a customer should automatically terminate any active sessions and many other systems have a way of terminating active login sessions manually as well. Would be worthwhile adding this as a bug / feature request to github and reference this thread Link to comment Share on other sites More sharing options...
Al Brookbanks Posted September 26, 2019 Share Posted September 26, 2019 We can easily remove the session on disable. Probably worth doing. Link to comment Share on other sites More sharing options...
Dirty Butter Posted September 26, 2019 Author Share Posted September 26, 2019 Good - this person is very upset with me LOL - I refunded payment, and they, in broken English and Korean signature, complained. Link to comment Share on other sites More sharing options...
Al Brookbanks Posted October 28, 2019 Share Posted October 28, 2019 I think this is a specific situation. I like the idea of deleting the session however I think this may be an Express Checkout specific bug. Investigating..... Link to comment Share on other sites More sharing options...
Dirty Butter Posted October 28, 2019 Author Share Posted October 28, 2019 I use Standard PayPal, not the Express. Link to comment Share on other sites More sharing options...
Al Brookbanks Posted October 28, 2019 Share Posted October 28, 2019 Hmm how did you manage this then!? Express logs in based on proven email ownership. Standard doesn't. Do you know how to make this happen? Link to comment Share on other sites More sharing options...
Dirty Butter Posted October 28, 2019 Author Share Posted October 28, 2019 I'll see if I can figure out how to replicate this situation and get back to you. Link to comment Share on other sites More sharing options...
Dirty Butter Posted October 28, 2019 Author Share Posted October 28, 2019 I created a fake account. Logged out of Admin and logged back in. I then disabled the Account, but left Store FireFox browser tab still open. I then went to the store front tab and tried to open the account to make a purchase. I CORRECTLY received the Invalid User Name/Password. So I tried to make a new account using the same fake information. This time when I tried to continue with checkout I received the "Email address is already in use" warning, as expected. Then I emptied Cache in Admin and tried the same thing again, but opening the store from the Chrome browser. Admin is open in FireFox with Store open only in Chrome. All error messages are as they should be. SO I cannot reproduce it, unless you can tell me a different series of actions to try. PS - just in case it is meaningful - I have tried Express sometime in the past - could there be some database config entry leftover that is confusing the situation? Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.